loneboat 4 hours ago

I've seen this claim a few times, but when I triggered the guardrails in Claude Code, it clearly notified me that it had switched to a different model ("something something for security purposes...").

Are you using Fable in Claude Code or in the browser?

vadansky 4 hours ago | parent | next [-]

It's from the model card:

> unlike our interventions for cybersecurity, biology and chemistry, and distillation attempts, these safeguards will not be visible to the user. Fable 5 will not fall back to a different model. Instead, the safeguards will limit effectiveness through methods such as prompt modification, steering vectors, or parameter-efficient fine-tuning (PEFT).

https://www-cdn.anthropic.com/d00db56fa754a1b115b6dd7cb2e3c3...

(stolen from https://jonready.com/blog/posts/claude-fable5-is-allowed-to-...)

mwwaters 2 hours ago | parent | next [-]

That is for whatever it considers reverse-engineering the model to try to create a competing one.

dannyw 2 hours ago | parent | next [-]

No, that’s for “frontier LLM development” which somehow includes examples like distributed training infra.

Based on how sensitive the classifiers are, any data scientist / MLE is probably going to encounter cases where some silent degradation happens and you never know about it.

kraakf06 an hour ago | parent [-]

[dead]

827a 2 hours ago | parent | prev | next [-]

It does nothing to protect against distillation attacks, because distillation attacks are far less interested in the topic of AI research than in just generally getting tons of diverse output from the model. It might be that Mythos was (accidentally?) trained on internal Anthropic documentation on how Mythos was trained, and thus it could leak secret sauce? Doubtful; it feels like it's less about the specific attack of reverse-engineering Mythos, and more about being a general sophon against any model training at all; that Anthropic's official position is now that they're the only ones who should be training models.

_0ffh 2 hours ago | parent | prev | next [-]

No, it's not about reverse engineering. It targets ML research.

2 hours ago | parent | prev [-]

[deleted]

DrewADesign 3 hours ago | parent | prev [-]

Yeah they detect the activity using a secure, deterministic heuristic system called “Generalized Reconnaissance Enabling Exfiltration of Deleterious Investigations.” And it’s all implemented using their new internal protocol called “Base Unified Limitation Layer for Security Hacking Investigation Tactics”

Collectively, they are known as GREEDI-BULLSHIT.

mips_avatar 4 hours ago | parent | prev | next [-]

They've said that they'll stop notifying developers when this gets triggered; instead they'll load in basically, like, a LoRA that's designed to inject bugs into your code.

HDBaseT 4 hours ago | parent | next [-]

Anthropic wants to stop training models and ride out Mythos / Fable for as long as possible.

They are trying to expand the 6-18 month gap they have against China-based models. Could the gap widen to, say, 24 months?

p-e-w 3 hours ago | parent [-]

Their gap over Chinese models like GLM-5.1 is nowhere near 18 months. In many areas, it’s less than 6 months. The best closed models 18 months ago were worse than Qwen3.6.

echelon an hour ago | parent [-]

These coding agent models only started getting useful in January. Before that they were difficult-to-control autocomplete, and not very smart.

January was an inflection point, and no open weights model has crossed over that same threshold.

This is definitely recursive self improvement territory, except that we're prohibited from participating.

It feels like the capability gap is wider than before.

nomel 3 hours ago | parent | prev [-]

> a LoRA that's designed to inject bugs into your code

A statement like this, clearly, requires a reference.

mips_avatar 3 hours ago | parent [-]

From the model card: "the safeguards will limit effectiveness through methods such as prompt modification, steering vectors, or parameter-efficient fine-tuning", i.e. they will take your ML research code and inject bugs into it until it breaks, using a LoRA (or some other form of PEFT).

bee_rider 2 hours ago | parent | next [-]

“Limit effectiveness” could mean introducing performance degradation in your code. Which is arguably some sort of performance bug (I mean, ML codes are supposed to be high performance so I’d call unnecessary degradation a bug), but it could be borderline.

nomel 3 hours ago | parent | prev [-]

Thanks, I thought maybe I missed something. That's an interesting way to interpret that.

giancarlostoro 3 hours ago | parent | next [-]

PEFT is a library, one of its capabilities is to produce LoRAs.

See:

https://heidloff.net/article/efficient-fine-tuning-lora/

adw 2 hours ago | parent [-]

It's just an acronym, "parameter-efficient fine-tuning". LoRA is one method, prefix tuning is another, and there are more.

mips_avatar 3 hours ago | parent | prev [-]

Anthropic is trying to hide bad behavior by being vague; it's important not to be vague when calling it out.

nomel 2 hours ago | parent [-]

I'm of the opinion that removing guardrails is how you force regulation. What's your opinion on the balance?

mips_avatar a few seconds ago | parent | next [-]

They’re not safety guardrails, they’re "Anthropic doesn’t like anyone who isn’t Anthropic working on AI" rails.

dannyw an hour ago | parent | prev [-]

They have all transcripts for at least 30 days. The problem is that (as anyone who has used Fable can attest) their classifiers are extremely sensitive and catch tons of innocent queries.

Imagine being a data scientist or MLE training a small classifier model. How do you know you won’t get steering vectors or a PEFT applied?

nomel 9 minutes ago | parent [-]

Since your answer isn't direct, I'm having a little trouble interpreting it.

Are you saying they should relax guardrails since they have 30 days to know if you produced something bad? If that is what you're saying, then I suspect they chose their current path to prevent, since you can't un-produce. Producing is what would cause regulations/PR problems.

ComputerGuru 4 hours ago | parent | prev | next [-]

Different restrictions. ML gets treated differently from the rest.

daedrdev 4 hours ago | parent | prev [-]

Specifically only ML research

loneboat 34 minutes ago | parent [-]

Aah, my mistake. I had missed that ML had separate trigger behavior from cybersecurity/etc... Thanks.